Cyber Security Weekly News – August 28, 2014

Posted: August 28, 2014 in Uncategorized
Tags: , ,

Security NewsIntelligence Gap: How a Chinese National Gained Access to Arizona’s Terror Center

The un-vetted computer engineer plugged into law enforcement networks and a database of 5 million Arizona drivers in a possible breach that was kept secret for years.

For five months in 2007, the Chinese national and computer programmer opened his laptop and enjoyed access to a wide range of sensitive information, including the Arizona driver’s license database, other law enforcement databases, and potentially a roster of intelligence analysts and investigators … See more at: www.propublica.org

DISCLOSURE OF AUTHORIZATION-BYPASS ON THE DOCKER HUB

Following the postmortem of a previous vulnerability announced on June 30th, the Docker team conducted a thorough audit of the platform code base and hired an outside consultancy to investigate the security of the Docker Registry and the Docker Hub. On the morning of 8/22 (all times PST), the security firm contacted our Security Team … See more at: blog.docker.com

Netis Routers Leave Wide Open Backdoor

Routers manufactured by Netcore, a popular brand for networking equipment in China, have a wide-open backdoor that can be fairly easily exploited by attackers. These products are also sold under the Netis brand name outside of China. This backdoor allows cybercriminals to easily run arbitrary code on these routers, rendering it vulnerable as a security device.

This port is accessible from the WAN side of the router. This means that if the router in question has an externally accessible IP address (i.e., almost all residential and SMB users), an attacker from anywhere on the Internet can access this backdoor … See more at: blog.trendmicro.com

Google has removed 50 vulnerabilities in its Chrome browser

The Chrome team is delighted to announce the promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including:

– DirectWrite support on Windows for improved font rendering
– A number of new apps/extension APIs
– Lots of under the hood changes for stability and performance … See more at: googlechromereleases.blogspot.com

Nissan says Japanese website altered, posed virus risk

A page on Nissan Motor Co’s Japanese website had been altered for nearly two months before being remedied and users that accessed it may have downloaded files infected with viruses, the Japanese automaker said on Tuesday.

Users opening the page for calculating vehicles trade-in value were automatically sent to a non-Nissan website from which they may have downloaded virus files had they clicked on anything, spokesman Chris Keeffe said … See more at: www.reuters.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s